[jira] [Updated] (CLOUDSTACK-2761) [VMware] [VPC] Failed to create PF/StaticNAT rules on VPC
[
https://issues.apache.org/jira/browse/CLOUDSTACK-2761?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Animesh Chaturvedi updated CLOUDSTACK-2761:
---
Status: Ready To Review (was: In Progress)
> [VMware] [VPC] Failed to create PF/StaticNAT rules on VPC
> -
>
> Key: CLOUDSTACK-2761
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2761
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Components: Network Controller
>Affects Versions: 4.2.0
> Environment: commit # 8d1189c2ae87216bc1c4a1443f75e9a8629abdc2
>Reporter: venkata swamybabu budumuru
>Assignee: Jayapal Reddy
>Priority: Blocker
> Fix For: 4.2.0
>
> Attachments: logs.tgz
>
>
> Steps to reproduce:
> 1. Have latest CloudStack build with at least 1 advanced zone
> 2. Have at least 1 VMware cluster with 1 host.
> 3. Create a VPC with at least 1 Tier
> 4. deploy a VM
> 5. apply an ACL to allow all
> 6. acquire at least 1 IP
> 7. create PF/staticNAT on the above created IP to the VM created in step (4)
> Observations:
> (i) It failed to create staticNAT with the following error
> 2013-05-30 08:05:20,203 DEBUG [agent.manager.DirectAgentAttache]
> (DirectAgent-38:null) Seq 1-1416495168: Response Received:
> 2013-05-30 08:05:20,206 DEBUG [agent.transport.Request] (DirectAgent-38:null)
> Seq 1-1416495168: Processing: { Ans: , MgmtId: 7280707764394, via: 1, Ver:
> v1, Flags: 0, [{"routing.IpAssocAnswer":{"results":["10.147.44.63 -
> success"],"result":true,"wait":0}}] }
> 2013-05-30 08:05:20,207 DEBUG [agent.transport.Request]
> (catalina-exec-19:null) Seq 1-1416495168: Received: { Ans: , MgmtId:
> 7280707764394, via: 1, Ver: v1, Flags: 0, { IpAssocAnswer } }
> 2013-05-30 08:05:20,211 INFO [cloud.network.NetworkManagerImpl]
> (catalina-exec-19:null) Let VpcVirtualRouter handle StaticNat in network 204
> 2013-05-30 08:05:20,223 DEBUG
> [network.router.VirtualNetworkApplianceManagerImpl] (catalina-exec-19:null)
> Applying static nat rules in network Ntwk[204|Guest|11]
> 2013-05-30 08:05:20,288 DEBUG [agent.transport.Request]
> (catalina-exec-19:null) Seq 1-1416495169: Sending { Cmd , MgmtId:
> 7280707764394, via: 1, Ver: v1, Flags: 11,
> [{"routing.SetStaticNatRulesCommand":{"rules":[{"dstIp":"10.0.1.188","id":0,"srcIp":"10.147.44.63","revoked":false,"alreadyAdded":false,"purpose":"StaticNat","icmpType":0,"icmpCode":0}],"vpcId":1,"accessDetails":{"router.guest.ip":"10.0.1.1","zone.network.type":"Advanced","router.ip":"10.147.40.62","router.name":"r-3-VM"},"wait":0}}]
> }
> 2013-05-30 08:05:20,288 DEBUG [agent.transport.Request]
> (catalina-exec-19:null) Seq 1-1416495169: Executing: { Cmd , MgmtId:
> 7280707764394, via: 1, Ver: v1, Flags: 11,
> [{"routing.SetStaticNatRulesCommand":{"rules":[{"dstIp":"10.0.1.188","id":0,"srcIp":"10.147.44.63","revoked":false,"alreadyAdded":false,"purpose":"StaticNat","icmpType":0,"icmpCode":0}],"vpcId":1,"accessDetails":{"router.guest.ip":"10.0.1.1","zone.network.type":"Advanced","router.ip":"10.147.40.62","router.name":"r-3-VM"},"wait":0}}]
> }
> 2013-05-30 08:05:20,289 DEBUG [agent.manager.DirectAgentAttache]
> (DirectAgent-16:null) Seq 1-1416495169: Executing request
> 2013-05-30 08:05:20,290 INFO [vmware.resource.VmwareResource]
> (DirectAgent-16:10.147.40.12) Executing resource SetFirewallRuleCommand:
> {"rules":[{"dstIp":"10.0.1.188","id":0,"srcIp":"10.147.44.63","revoked":false,"alreadyAdded":false,"purpose":"StaticNat","icmpType":0,"icmpCode":0}],"vpcId":1,"accessDetails":{"router.guest.ip":"10.0.1.1","zone.network.type":"Advanced","router.ip":"10.147.40.62","router.name":"r-3-VM"},"wait":0}
> 2013-05-30 08:05:20,290 DEBUG [vmware.resource.VmwareResource]
> (DirectAgent-16:10.147.40.12) Use router's private IP for SSH control. IP :
> 10.147.40.62
> 2013-05-30 08:05:21,746 ERROR [utils.ssh.SshHelper]
> (DirectAgent-16:10.147.40.12) SSH execution of command /root/firewall.sh -A
> -l 10.147.44.63 -r 10.0.1.188 -d 0:0 -G has an error status code in return.
> result output: Bad argument `10.147.44.63'
> Try `iptables -h' or 'iptables --help' for more information.
> Bad argument `10.147.44.63'
> Try `iptables -h' or 'iptables --help' for more information.
> iptables v1.4.14: option "--set-mark" requires an argument
> Try `iptables -h' or 'iptables --help' for more information.
> iptables: No chain/target/match by that name.
> Bad argument `10.147.44.63'
> Try `iptables -h' or 'iptables --help' for more information.
> Bad argument `eth0'
> Try `iptables -h' or 'iptables --help' for more information.
> Bad argument `10.147.44.63'
> Try `iptables -h' or 'iptables --help' for more information.
> iptables: No chain/target/match by that name.
> iptab
[jira] [Updated] (CLOUDSTACK-2761) [VMware] [VPC] Failed to create PF/StaticNAT rules on VPC
[
https://issues.apache.org/jira/browse/CLOUDSTACK-2761?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
venkata swamybabu budumuru updated CLOUDSTACK-2761:
---
Attachment: logs.tgz
> [VMware] [VPC] Failed to create PF/StaticNAT rules on VPC
> -
>
> Key: CLOUDSTACK-2761
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2761
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Components: Network Controller
>Affects Versions: 4.2.0
> Environment: commit # 8d1189c2ae87216bc1c4a1443f75e9a8629abdc2
>Reporter: venkata swamybabu budumuru
>Priority: Blocker
> Fix For: 4.2.0
>
> Attachments: logs.tgz
>
>
> Steps to reproduce:
> 1. Have latest CloudStack build with at least 1 advanced zone
> 2. Have at least 1 VMware cluster with 1 host.
> 3. Create a VPC with at least 1 Tier
> 4. deploy a VM
> 5. apply an ACL to allow all
> 6. acquire at least 1 IP
> 7. create PF/staticNAT on the above created IP to the VM created in step (4)
> Observations:
> (i) It failed to create staticNAT with the following error
> 2013-05-30 08:05:20,203 DEBUG [agent.manager.DirectAgentAttache]
> (DirectAgent-38:null) Seq 1-1416495168: Response Received:
> 2013-05-30 08:05:20,206 DEBUG [agent.transport.Request] (DirectAgent-38:null)
> Seq 1-1416495168: Processing: { Ans: , MgmtId: 7280707764394, via: 1, Ver:
> v1, Flags: 0, [{"routing.IpAssocAnswer":{"results":["10.147.44.63 -
> success"],"result":true,"wait":0}}] }
> 2013-05-30 08:05:20,207 DEBUG [agent.transport.Request]
> (catalina-exec-19:null) Seq 1-1416495168: Received: { Ans: , MgmtId:
> 7280707764394, via: 1, Ver: v1, Flags: 0, { IpAssocAnswer } }
> 2013-05-30 08:05:20,211 INFO [cloud.network.NetworkManagerImpl]
> (catalina-exec-19:null) Let VpcVirtualRouter handle StaticNat in network 204
> 2013-05-30 08:05:20,223 DEBUG
> [network.router.VirtualNetworkApplianceManagerImpl] (catalina-exec-19:null)
> Applying static nat rules in network Ntwk[204|Guest|11]
> 2013-05-30 08:05:20,288 DEBUG [agent.transport.Request]
> (catalina-exec-19:null) Seq 1-1416495169: Sending { Cmd , MgmtId:
> 7280707764394, via: 1, Ver: v1, Flags: 11,
> [{"routing.SetStaticNatRulesCommand":{"rules":[{"dstIp":"10.0.1.188","id":0,"srcIp":"10.147.44.63","revoked":false,"alreadyAdded":false,"purpose":"StaticNat","icmpType":0,"icmpCode":0}],"vpcId":1,"accessDetails":{"router.guest.ip":"10.0.1.1","zone.network.type":"Advanced","router.ip":"10.147.40.62","router.name":"r-3-VM"},"wait":0}}]
> }
> 2013-05-30 08:05:20,288 DEBUG [agent.transport.Request]
> (catalina-exec-19:null) Seq 1-1416495169: Executing: { Cmd , MgmtId:
> 7280707764394, via: 1, Ver: v1, Flags: 11,
> [{"routing.SetStaticNatRulesCommand":{"rules":[{"dstIp":"10.0.1.188","id":0,"srcIp":"10.147.44.63","revoked":false,"alreadyAdded":false,"purpose":"StaticNat","icmpType":0,"icmpCode":0}],"vpcId":1,"accessDetails":{"router.guest.ip":"10.0.1.1","zone.network.type":"Advanced","router.ip":"10.147.40.62","router.name":"r-3-VM"},"wait":0}}]
> }
> 2013-05-30 08:05:20,289 DEBUG [agent.manager.DirectAgentAttache]
> (DirectAgent-16:null) Seq 1-1416495169: Executing request
> 2013-05-30 08:05:20,290 INFO [vmware.resource.VmwareResource]
> (DirectAgent-16:10.147.40.12) Executing resource SetFirewallRuleCommand:
> {"rules":[{"dstIp":"10.0.1.188","id":0,"srcIp":"10.147.44.63","revoked":false,"alreadyAdded":false,"purpose":"StaticNat","icmpType":0,"icmpCode":0}],"vpcId":1,"accessDetails":{"router.guest.ip":"10.0.1.1","zone.network.type":"Advanced","router.ip":"10.147.40.62","router.name":"r-3-VM"},"wait":0}
> 2013-05-30 08:05:20,290 DEBUG [vmware.resource.VmwareResource]
> (DirectAgent-16:10.147.40.12) Use router's private IP for SSH control. IP :
> 10.147.40.62
> 2013-05-30 08:05:21,746 ERROR [utils.ssh.SshHelper]
> (DirectAgent-16:10.147.40.12) SSH execution of command /root/firewall.sh -A
> -l 10.147.44.63 -r 10.0.1.188 -d 0:0 -G has an error status code in return.
> result output: Bad argument `10.147.44.63'
> Try `iptables -h' or 'iptables --help' for more information.
> Bad argument `10.147.44.63'
> Try `iptables -h' or 'iptables --help' for more information.
> iptables v1.4.14: option "--set-mark" requires an argument
> Try `iptables -h' or 'iptables --help' for more information.
> iptables: No chain/target/match by that name.
> Bad argument `10.147.44.63'
> Try `iptables -h' or 'iptables --help' for more information.
> Bad argument `eth0'
> Try `iptables -h' or 'iptables --help' for more information.
> Bad argument `10.147.44.63'
> Try `iptables -h' or 'iptables --help' for more information.
> iptables: No chain/target/match by that name.
> iptables: No chain/target/match by that name.
> B
